Hacker employs Claude to breach booking firms, leaves millions of records publicly accessible

A Russian hacker utilized HexStrike AI, combined with Anthropic's Claude, to steal data from numerous companies in the accommodation sector, our research team has found. The AI-assisted attack netted hackers over 2 million emails and other booking data.
- Hacker used HexStrike AI with Anthropic's Claude to breach hotel booking platforms and expose 2.1 million email addresses.
- Attacker bypassed AI guardrails by disguising malicious activity as legitimate penetration testing, compromising multiple accommodation companies.
- Stolen data includes guest names, emails, phone numbers, reservation dates, and payment records from several companies.
- Exposed booking information enables sophisticated phishing attacks, as hackers possess reservation numbers and travel dates to craft convincing scams.
Despite AI companies' promises of safety, malicious actors continue to find creative ways to turn AI agents to the dark side.
On April 16th, 2026, our researchers discovered a publicly accessible server owned by a threat actor who accidentally left the instance publicly exposed.
Inside the server, our team discovered detailed documentation of an executed attack against several companies in the accommodation industry, along with source code and data exfiltration results.
According to the team, the attacker used HexStrike AI, an open-source tool that integrates large language models (LLMs). In this particular case, the attacker combined the open-source tool with Claude, Anthropic's AI agent.
“Claude configuration files contained the threat actor’s personal email, which helped uncover the attacker's identity. He is a Russian citizen,” the Cybernews research team explained.
Inside the exposed server, the team discovered millions of booking-related files from numerous companies. However, our researchers were unable to map the true scope of the server’s contents, as the hacker realized his mistake and managed to hide the exposed server containing the stolen records.
What was on the hacker’s server?
According to the team, the Russian hacker utilized HexStrike AI. To oversimplify, the tool allows users to anonymously run cybersecurity tools, serving as an automated penetration tester. However, in the wrong hands, vulnerability scanning can easily turn into unauthorized access.
Inside the exposed hacker server, our team discovered that, with the help of AI, attackers crafted at least 50 penetration test reports targeting companies in the accommodation sector.
According to the team, the Russian hacker bypassed the LLM’s guardrails by disguising malicious intent as supposed penetration testing. At the same time, the fact that the companies were targeted doesn’t automatically mean the attempts were successful.
“Each of these files included an executive summary, target infrastructure information, found vulnerabilities, how and if they were exploited, what kind of data was found, and mitigation suggestions,” our researchers explained.
Additionally, the team found summaries of installed hacking tools, their configurations, various codebase files, and data exfiltrated from systems the malicious actor targeted. Most of the exported data included guests’ personally identifiable information (PII) as well as host details.
According to the researchers, the exported files contained 2.1 million unique email addresses, which most likely corresponds to the number of exposed individuals.
Since the attacker took the server out of public view during the investigation, we cannot provide a detailed list of companies that were exposed. However, the team managed to identify at least several of them.
One of the companies on the hackers' server was RoomScope, a Thailand-based software development company that provides hotel management solutions. Researchers noted around 6.4 million booking records with guest names, 1.1 million unique email addresses, phone numbers, and additional services guests ordered.
The leaked data included records from IGMS, a Canadian company that specializes in Property Management Software (PMS) development. Extracted data included host phone numbers, check-in and check-out dates, host emails, property address, and, in some cases, WiFi passwords. Researchers observed 1,400 records from IGMS.
Another victimized company is NebulaPMS, a property management system developed by Hospitality Technology International, a South African company. The team found 2 million records containing guests’ full names, email addresses, phone numbers, check-in and check-out dates, and hotel names.
Our researchers also discovered records stolen from Staysee, a Japanese company specializing in PMS software. The details included past and future reservation data, including dates of stay and guest PII.
Among the Staysee data, the team found over 31,000 payment records with reservation identifiers, payment method types, and amounts paid, as well as 49,000 product records that reveal reservation identifiers, product purchases, and their price.
NebulaPMS told Cybernews that the company learned about a “potential breach in March 2026 and since then we have taken various steps to remediate the exposure that this breach may have had” on the company’s clients.
“Subsequently, we have performed a number of additional pen tests and security scans and we continue to mitigate as and when we are made aware of any vulnerabilities. We are also enhancing our password policies, and we have implemented best practice password protection security standards for better baseline protection against password interception or infrastructure exposure,” NebulaPMS explained.
We have reached out to other companies mentioned in this article and will update once we receive their statements.
Are holidaygoers at risk of hacking?
Hotel booking platforms are tempting targets for attackers, as stolen data could be used in phishing attacks. Phishing is especially effective when attackers know the victims' exact names, travel dates, and reservation numbers. With such data in hand, they can craft convincing phishing schemes and gain victims’ trust to deliver malicious payloads.
“Since these institutions handle a huge amount of personal and financial data, these kinds of attacks are easily monetizable on the dark web after the data is exfiltrated. Data that was gathered during this specific attack is no exception,” our team explained.
For example, the attackers could craft convincing messages, flooding holidaygoers’ email inboxes. With information on reservation numbers and vacation days, such phishing messages can be extremely difficult to identify.
Moreover, users are likely to comply with requests that appear to come from a hotel to avoid losing their booking, making data from accommodation companies a goldmine for hackers.
“This should encourage hotels and any other organizations in the accommodation supply chain to take data security more seriously and to invest in cybersecurity staff or tools that would reduce possible attack surfaces,” our researchers concluded.
This is especially so when there’s ample evidence that attackers have their sights set on accommodation platforms. In April, the Cybernews research team uncovered a massive operation that was siphoning booking data from Spanish and Austrian hospitality platforms Checkin and Gastrodat.
At nearly the same time, Booking.com warned customers that their personal data, as well as upcoming travel details, had been exposed after hackers infiltrated the company’s networks. Dozens of customers were reporting fake emails and WhatsApp messages claiming to be from the booking site.